Actions

Difference between revisions of "Adaptive Security Architecture (ASA)"

m (The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).)
Line 1: Line 1:
Adaptive security [[architecture]] describes an approach that uses a combination of integrated tactics to help businesses stay ahead of cybercriminals, instigating flexible security measures to protect [[data]] and systems in as agile a way as possible, rather than relying on outdated perimeter defense strategies.<ref>Definition - Defining Adaptive [[Security Architecture]] (ASA) [https://www.insightsforprofessionals.com/blog/what-is-adaptive-security-architecture IFP Technology]</ref>
+
'''Adaptive security architecture''' describes an approach that uses a combination of integrated tactics to help businesses stay ahead of cybercriminals, instigating flexible security measures to protect data and systems in as agile a way as possible, rather than relying on outdated perimeter defense strategies.<ref>Definition - Defining Adaptive Security Architecture (ASA) [https://www.insightsforprofessionals.com/blog/what-is-adaptive-security-architecture IFP Technology]</ref>
  
The Adaptive Security Architecture is the enterprise security immune [[system]]. Adaptive Security Architecture (ASA) is based on solutions that use adaptive and dynamic operational styles to maintain the integrity of data, systems and their survivability. To extend the parallel between biological ecosystems and enterprise IT infrastructures, ASA follows the Darwinian concept of ‘adapt or die’. Successful IT infrastructures must adapt or they will eventually fall to predator attacks, viral infections or the inability to adjust to environmental changes. ASA behaves similarly to how an organism defends against a localised disease outbreak or even a pandemic. Using an adaptive approach, ASA is an autonomic system that effectively mimics both an organic immune system and a large-scale natural ecosystem. To this end, the keyobjective of an Adaptive Security Architecture (ASA) is to be able to detect, contain and respond to cyber threats before they cause damage by:
+
The Adaptive Security Architecture is the enterprise security immune system. Adaptive Security Architecture (ASA) is based on solutions that use adaptive and dynamic operational styles to maintain the integrity of data, systems and their survivability. To extend the parallel between biological ecosystems and enterprise IT infrastructures, ASA follows the Darwinian concept of ‘adapt or die’. Successful IT infrastructures must adapt or they will eventually fall to predator attacks, viral infections or the inability to adjust to environmental changes. ASA behaves similarly to how an organism defends against a localized disease outbreak or even a pandemic. Using an adaptive approach, ASA is an autonomic system that effectively mimics both an organic immune system and a large-scale natural ecosystem. To this end, the key objective of an Adaptive Security Architecture (ASA) is to be able to detect, contain and respond to cyber threats before they cause damage by:
 
• Continuously monitoring the “entire IT stack”
 
• Continuously monitoring the “entire IT stack”
 
• Shifting from “incident response” to “continuous response”
 
• Shifting from “incident response” to “continuous response”
Line 17: Line 17:
 
'''Components of an Adaptive Security Architecture'''<ref>Components of an Adaptive Security Architecture [^https://blog.vectra.ai/blog/what-is-an-adaptive-security-architecture-and-why-do-you-need-it|Vectra]</ref><br />
 
'''Components of an Adaptive Security Architecture'''<ref>Components of an Adaptive Security Architecture [^https://blog.vectra.ai/blog/what-is-an-adaptive-security-architecture-and-why-do-you-need-it|Vectra]</ref><br />
 
The adaptive security architecture that Gartner refers to provides continuous, pervasive monitoring and visibility.
 
The adaptive security architecture that Gartner refers to provides continuous, pervasive monitoring and visibility.
*"To enable a truly adaptive and [[risk]]-based response to advanced threats, the core of a next-generation security protection [[process]] will be continuous, pervasive monitoring and visibility that are constantly analyzed for indications of compromise.”
+
*"To enable a truly adaptive and risk-based response to advanced threats, the core of a next-generation security protection process will be continuous, pervasive monitoring and visibility that are constantly analyzed for indications of compromise.”
*“Enterprise monitoring should be pervasive and encompass as many layers of the IT stack as possible, including [[network]] activity, endpoints, system interactions, application transactions and user activity monitoring.”
+
*“Enterprise monitoring should be pervasive and encompass as many layers of the IT stack as possible, including network activity, endpoints, system interactions, application transactions and user activity monitoring.”
 
*“Improved prevention, detection, response and prediction capabilities are all needed to deal with all types of attacks, 'advanced' or not. Furthermore, these should not be viewed as siloed capabilities; rather, they should work intelligently together as an integrated, adaptive system to constitute a complete protection process for advanced threats.”
 
*“Improved prevention, detection, response and prediction capabilities are all needed to deal with all types of attacks, 'advanced' or not. Furthermore, these should not be viewed as siloed capabilities; rather, they should work intelligently together as an integrated, adaptive system to constitute a complete protection process for advanced threats.”
  
Line 24: Line 24:
 
'''Stages of Adaptive Security Architecture'''<ref>The Four Stages of Adaptive Security Architecture [https://digitalguardian.com/blog/what-adaptive-security-definition-adaptive-security-benefits-best-practices-and-more Digital Guardian]</ref><br />
 
'''Stages of Adaptive Security Architecture'''<ref>The Four Stages of Adaptive Security Architecture [https://digitalguardian.com/blog/what-adaptive-security-definition-adaptive-security-benefits-best-practices-and-more Digital Guardian]</ref><br />
 
Gartner lists the four stages of an adaptive security architecture as: predict, prevent, respond and defect. These can be briefly defined as:
 
Gartner lists the four stages of an adaptive security architecture as: predict, prevent, respond and defect. These can be briefly defined as:
Predict – assess risk, anticipate attacks and [[malware]], implement [[baseline]] systems and posture.
+
Predict – assess risk, anticipate attacks and malware, implement baseline systems and posture.
 
Prevent – harden and isolate systems to prevent security breaches.
 
Prevent – harden and isolate systems to prevent security breaches.
Respond – investigate incidents, [[design]] [[policy]] changes, conduct retrospective analysis.
+
Respond – investigate incidents, design policy changes, conduct retrospective analysis.
 
Defect – prioritize risks, defect and contain incidents.
 
Defect – prioritize risks, defect and contain incidents.
  
Line 37: Line 37:
 
Sun Microsoft lists the following as the objectives of Adaptive Security Architecture:
 
Sun Microsoft lists the following as the objectives of Adaptive Security Architecture:
 
*Reduce threat amplification – it restricts the potential spread of a pandemic in a monoculture.
 
*Reduce threat amplification – it restricts the potential spread of a pandemic in a monoculture.
*Shrink the attack surface – make the [[target]] of an attack smaller
+
*Shrink the attack surface – make the target of an attack smaller
 
*Decrease attack velocity – slow the rate of attack
 
*Decrease attack velocity – slow the rate of attack
 
*Reduce remediation time – respond to an attack quickly
 
*Reduce remediation time – respond to an attack quickly
Line 45: Line 45:
  
 
'''Implementing an Adaptive Security Architecture'''<ref>Implementing an Adaptive Security Architecture [https://static.aminer.org/pdf/PDF/000/291/816/autonomic_protection_system_using_adaptive_security_policy.pdf Sun Microsystems (now Oracle)]</ref><br />
 
'''Implementing an Adaptive Security Architecture'''<ref>Implementing an Adaptive Security Architecture [https://static.aminer.org/pdf/PDF/000/291/816/autonomic_protection_system_using_adaptive_security_policy.pdf Sun Microsystems (now Oracle)]</ref><br />
Any approach to implementing ASA must integrated into a larger fabric of the overall security architecture. It must occur within the context of other security features such as application, system, and network design, [[quality]] assurance, and configuration validation to ensure that all components and design entities comply with overall security policy.
+
Any approach to implementing ASA must integrated into a larger fabric of the overall security architecture. It must occur within the context of other security features such as application, system, and network design, quality assurance, and configuration validation to ensure that all components and design entities comply with overall security policy.
The following is a list of steps to begin designing an adaptive security [[model]]:
+
The following is a list of steps to begin designing an adaptive security model:
 
• Define threats and threat characteristics that are desirable to avoid or destroy. A threat characteristic may be an attribute of a known threat but may not include the entire threat structure. It may also be particular behavior exhibited by some entity or process.
 
• Define threats and threat characteristics that are desirable to avoid or destroy. A threat characteristic may be an attribute of a known threat but may not include the entire threat structure. It may also be particular behavior exhibited by some entity or process.
 
• Identify acceptable behavior, trusted components, and actions that must not be mistaken for a threat.  
 
• Identify acceptable behavior, trusted components, and actions that must not be mistaken for a threat.  
Line 52: Line 52:
 
• Implement redundancy for critical functions. Note that there should not be any critical “trusted” elements that if compromised could cause the entire system to fail. This instantiates the notions of survivability, diversity, and redundancy.
 
• Implement redundancy for critical functions. Note that there should not be any critical “trusted” elements that if compromised could cause the entire system to fail. This instantiates the notions of survivability, diversity, and redundancy.
 
• Define threat response mechanisms that are focused and that do not result in killing the host.
 
• Define threat response mechanisms that are focused and that do not result in killing the host.
• Define a recovery process whereby systems are capable of adaptively reconfiguring and restarting themselves. Part of this process also includes a learning and knowledge [[distribution]] mechanism so the infrastructure learns how to avoid similar threats in the future.
+
• Define a recovery process whereby systems are capable of adaptively reconfiguring and restarting themselves. Part of this process also includes a learning and knowledge distribution mechanism so the infrastructure learns how to avoid similar threats in the future.
• Define [[feedback]] capabilities that allow the threat response mechanisms to validate threats so that they only respond to legitimate and realistic threats. These feedback mechanisms help to ensure that the triggers and threat response mechanisms understand the security context in which they operate. This enables the desired adaptive behavior.
+
• Define feedback capabilities that allow the threat response mechanisms to validate threats so that they only respond to legitimate and realistic threats. These feedback mechanisms help to ensure that the triggers and threat response mechanisms understand the security context in which they operate. This enables the desired adaptive behavior.
  
  
 
'''Benefits of Adaptive Security Architecture'''<ref>What are the Benefits of Adaptive Security Architecture? [https://www.cso.com.au/article/619503/adaptive-security-architecture-enhancing-your-security/ cso.com]</ref><br />
 
'''Benefits of Adaptive Security Architecture'''<ref>What are the Benefits of Adaptive Security Architecture? [https://www.cso.com.au/article/619503/adaptive-security-architecture-enhancing-your-security/ cso.com]</ref><br />
Companies have always relied on prevention and policy-based controls for security, deploying products such as anti-[[virus]] [[software]], IDS/IPS and firewalls. Today, we are flooded by advanced and targeted attacks. However, the security architect can advise a shift in the security mindset from ‘incident response’ to ‘continuous response’, by assuming that systems are compromised and require continuous monitoring and remediation. Adaptive Security Architecture has the potential to provide organisations and businesses with the following benefits.
+
Companies have always relied on prevention and policy-based controls for security, deploying products such as anti-[[virus]] [[software]], IDS/IPS and firewalls. Today, we are flooded by advanced and targeted attacks. However, the security architect can advise a shift in the security mindset from ‘incident response’ to ‘continuous response’, by assuming that systems are compromised and require continuous monitoring and remediation. Adaptive Security Architecture has the potential to provide organizations and businesses with the following benefits.
 
*Real-time Monitoring and Responses: Teams are enabled to move from after-the-fact analysis logs to real-time [[evaluation]] of users. This makes a dynamic, immediate and potentially autonomous response possible.
 
*Real-time Monitoring and Responses: Teams are enabled to move from after-the-fact analysis logs to real-time [[evaluation]] of users. This makes a dynamic, immediate and potentially autonomous response possible.
*Filtering and Prioritisations: By applying advanced [[analytics]] and machine learning, organisations can identify some on-going security breaches they cannot detect by monitoring the system alone.
+
*Filtering and Prioritizations: By applying advanced analytics and machine learning, organizations can identify some on-going security breaches they cannot detect by monitoring the system alone.
 
*Reduce Threat Amplification: Restrict the potential spread of a pandemic in a monoculture.
 
*Reduce Threat Amplification: Restrict the potential spread of a pandemic in a monoculture.
 
*Shrink the Attack Surface: Make the target of an attack smaller.
 
*Shrink the Attack Surface: Make the target of an attack smaller.
Line 66: Line 66:
  
  
'''Key Challanges and Recommendations in Designing Adaptive Security Architecture'''<ref>What are the Key Challenges in Designing Adaptive Security Architecture? [https://konferencesecurity.cz/images/archiv/2015/for-download/m1-2.pdf Konference Security]</ref>
+
'''Key Challenges and Recommendations in Designing Adaptive Security Architecture'''<ref>What are the Key Challenges in Designing Adaptive Security Architecture? [https://konferencesecurity.cz/images/archiv/2015/for-download/m1-2.pdf Konference Security]</ref>
  
 
'''Key Challenges'''
 
'''Key Challenges'''
Line 75: Line 75:
  
 
'''Recommendations'''
 
'''Recommendations'''
*Shift from „Incident response“ to „Continuous response“.
+
*Shift from "Incident response" to "Continuous response".
 
*Adopt an adaptive security architecture.
 
*Adopt an adaptive security architecture.
 
*Spend less on prevention; invest in detection, response and predictive capabilities.
 
*Spend less on prevention; invest in detection, response and predictive capabilities.
Line 82: Line 82:
  
 
'''Analytics and [[Machine Learning]] in Adaptive Security'''<ref>Analytics and Machine Learning in Adaptive Security [https://digitalguardian.com/blog/what-adaptive-security-definition-adaptive-security-benefits-best-practices-and-more Digital Guardian]<br />
 
'''Analytics and [[Machine Learning]] in Adaptive Security'''<ref>Analytics and Machine Learning in Adaptive Security [https://digitalguardian.com/blog/what-adaptive-security-definition-adaptive-security-benefits-best-practices-and-more Digital Guardian]<br />
A primary tenet of adaptive security is to always assume there is something wrong with the system. Continual monitoring and improvements of security architecture are the main priorities. The modus operandi is to not wait for an incident to happen, but to expect it, identify it, and respond before having the chance to breach the system. It needs to be a proactive approach model as opposed to a reactive one. Security analytics and machine learning are key components of adaptive security architecture. In addition to this, descriptive analytics detect anomalous events, diagnostic analytics help explain why an adverse event happened and predictive analytics can identify suspicious behavior based on historical data and patterns – both on microscopic and macroscopic levels. With endless reams of [[Big Data]] locked up in data warehouses in the cloud and malicious activity disguised as legitimate commands, and [[server]] requests becoming nearly impossible to detect, machine learning can serve a useful purpose. It can assist a security team by automating many processes such as pattern recognition used in analytics. MIT’s [[Computer]] Science and Artificial Intelligence Lab (CSAIL) is developing an adaptive security platform called AI2. Machine learning is used to review data from tens of millions of data logs per day. It reduces the number of events a cybersecurity analyst must review from one or two hundred to tens of thousands. With the ability to autonomously learn from past successes and failures, it has an 85% success rate predicting cyber attacks.
+
A primary tenet of adaptive security is to always assume there is something wrong with the system. Continual monitoring and improvements of security architecture are the main priorities. The modus operandi is to not wait for an incident to happen, but to expect it, identify it, and respond before having the chance to breach the system. It needs to be a proactive approach model as opposed to a reactive one. Security analytics and machine learning are key components of adaptive security architecture. In addition to this, descriptive analytics detect anomalous events, diagnostic analytics help explain why an adverse event happened and predictive analytics can identify suspicious behavior based on historical data and patterns – both on microscopic and macroscopic levels. With endless reams of Big Data locked up in data warehouses in the cloud and malicious activity disguised as legitimate commands, and server requests becoming nearly impossible to detect, machine learning can serve a useful purpose. It can assist a security team by automating many processes such as pattern recognition used in analytics. MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) is developing an adaptive security platform called AI2. Machine learning is used to review data from tens of millions of data logs per day. It reduces the number of events a cybersecurity analyst must review from one or two hundred to tens of thousands. With the ability to autonomously learn from past successes and failures, it has an 85% success rate predicting cyber attacks.
 +
 
 +
 
 +
===See Also===
 +
[[Enterprise Architecture]]<br />
 +
[[Architecture]]<br />
 +
[[Security Architecture]]
 +
 
  
  

Revision as of 18:11, 7 September 2022

Adaptive security architecture describes an approach that uses a combination of integrated tactics to help businesses stay ahead of cybercriminals, instigating flexible security measures to protect data and systems in as agile a way as possible, rather than relying on outdated perimeter defense strategies.[1]

The Adaptive Security Architecture is the enterprise security immune system. Adaptive Security Architecture (ASA) is based on solutions that use adaptive and dynamic operational styles to maintain the integrity of data, systems and their survivability. To extend the parallel between biological ecosystems and enterprise IT infrastructures, ASA follows the Darwinian concept of ‘adapt or die’. Successful IT infrastructures must adapt or they will eventually fall to predator attacks, viral infections or the inability to adjust to environmental changes. ASA behaves similarly to how an organism defends against a localized disease outbreak or even a pandemic. Using an adaptive approach, ASA is an autonomic system that effectively mimics both an organic immune system and a large-scale natural ecosystem. To this end, the key objective of an Adaptive Security Architecture (ASA) is to be able to detect, contain and respond to cyber threats before they cause damage by: • Continuously monitoring the “entire IT stack” • Shifting from “incident response” to “continuous response” • Moving to a “unified” or “integrated” detection, response, prediction & protection capability • Preventing “successful attacks” • Reducing the surface and velocity of attacks • Reducing the Mean-Time-To-Detect Threats (MTTD) and the Mean-Time-To-Respond to Threats (MTTR) • Implementing a continuous response-enabled operations (SOC) Moreover, the ASA has to provide the ability to take remedial actions such as: • The quarantine of resources for forensic purposes so that the ecosystem can learn from the breach • The provisioning of other resources to replace affected systems, enabling service continuity • The application of corrective measures as needed[2]


Components of an Adaptive Security Architecture[3]
The adaptive security architecture that Gartner refers to provides continuous, pervasive monitoring and visibility.

  • "To enable a truly adaptive and risk-based response to advanced threats, the core of a next-generation security protection process will be continuous, pervasive monitoring and visibility that are constantly analyzed for indications of compromise.”
  • “Enterprise monitoring should be pervasive and encompass as many layers of the IT stack as possible, including network activity, endpoints, system interactions, application transactions and user activity monitoring.”
  • “Improved prevention, detection, response and prediction capabilities are all needed to deal with all types of attacks, 'advanced' or not. Furthermore, these should not be viewed as siloed capabilities; rather, they should work intelligently together as an integrated, adaptive system to constitute a complete protection process for advanced threats.”


Stages of Adaptive Security Architecture[4]
Gartner lists the four stages of an adaptive security architecture as: predict, prevent, respond and defect. These can be briefly defined as: Predict – assess risk, anticipate attacks and malware, implement baseline systems and posture. Prevent – harden and isolate systems to prevent security breaches. Respond – investigate incidents, design policy changes, conduct retrospective analysis. Defect – prioritize risks, defect and contain incidents.


Adaptive Security Architecture
source: Gartner


Objectives of Adaptive Security Architecture[5]
Sun Microsoft lists the following as the objectives of Adaptive Security Architecture:

  • Reduce threat amplification – it restricts the potential spread of a pandemic in a monoculture.
  • Shrink the attack surface – make the target of an attack smaller
  • Decrease attack velocity – slow the rate of attack
  • Reduce remediation time – respond to an attack quickly
  • Facilitate the availability of data and processing resources – prevent or contain attacks that try to limit resources
  • Promote correctness of data and the reliability of processing resources – respond to attacks intended to compromise data or system integrity.


Implementing an Adaptive Security Architecture[6]
Any approach to implementing ASA must integrated into a larger fabric of the overall security architecture. It must occur within the context of other security features such as application, system, and network design, quality assurance, and configuration validation to ensure that all components and design entities comply with overall security policy. The following is a list of steps to begin designing an adaptive security model: • Define threats and threat characteristics that are desirable to avoid or destroy. A threat characteristic may be an attribute of a known threat but may not include the entire threat structure. It may also be particular behavior exhibited by some entity or process. • Identify acceptable behavior, trusted components, and actions that must not be mistaken for a threat. • Define triggers to monitor for threats and, as necessary, to invoke an auto-immune system response. These “immune response mediators” are the threat detection sensors that alert the larger IT infrastructure of potential threats and prime the threat response mechanisms. • Implement redundancy for critical functions. Note that there should not be any critical “trusted” elements that if compromised could cause the entire system to fail. This instantiates the notions of survivability, diversity, and redundancy. • Define threat response mechanisms that are focused and that do not result in killing the host. • Define a recovery process whereby systems are capable of adaptively reconfiguring and restarting themselves. Part of this process also includes a learning and knowledge distribution mechanism so the infrastructure learns how to avoid similar threats in the future. • Define feedback capabilities that allow the threat response mechanisms to validate threats so that they only respond to legitimate and realistic threats. These feedback mechanisms help to ensure that the triggers and threat response mechanisms understand the security context in which they operate. This enables the desired adaptive behavior.


Benefits of Adaptive Security Architecture[7]
Companies have always relied on prevention and policy-based controls for security, deploying products such as anti-virus software, IDS/IPS and firewalls. Today, we are flooded by advanced and targeted attacks. However, the security architect can advise a shift in the security mindset from ‘incident response’ to ‘continuous response’, by assuming that systems are compromised and require continuous monitoring and remediation. Adaptive Security Architecture has the potential to provide organizations and businesses with the following benefits.

  • Real-time Monitoring and Responses: Teams are enabled to move from after-the-fact analysis logs to real-time evaluation of users. This makes a dynamic, immediate and potentially autonomous response possible.
  • Filtering and Prioritizations: By applying advanced analytics and machine learning, organizations can identify some on-going security breaches they cannot detect by monitoring the system alone.
  • Reduce Threat Amplification: Restrict the potential spread of a pandemic in a monoculture.
  • Shrink the Attack Surface: Make the target of an attack smaller.
  • Decrease the Attack Velocity: Slow the rate of attack.
  • Reduce Remediation Time: Responds to attack quickly.


Key Challenges and Recommendations in Designing Adaptive Security Architecture[8]

Key Challenges

  • Existing blocking and prevention capabilities are insufficient to protect against motivated, advanced attackers.
  • Most organizations continue to overly invest in prevention-only strategies.
  • Limited visibility in advanced attacks.
  • Because enterprise systems are under continuous attack and are continuously compromised, an ad hoc approach to "incident response" is the wrong mindset.

Recommendations

  • Shift from "Incident response" to "Continuous response".
  • Adopt an adaptive security architecture.
  • Spend less on prevention; invest in detection, response and predictive capabilities.
  • Develop a security operations center that supports continuous monitoring.


Analytics and Machine Learning in Adaptive Security<ref>Analytics and Machine Learning in Adaptive Security Digital Guardian
A primary tenet of adaptive security is to always assume there is something wrong with the system. Continual monitoring and improvements of security architecture are the main priorities. The modus operandi is to not wait for an incident to happen, but to expect it, identify it, and respond before having the chance to breach the system. It needs to be a proactive approach model as opposed to a reactive one. Security analytics and machine learning are key components of adaptive security architecture. In addition to this, descriptive analytics detect anomalous events, diagnostic analytics help explain why an adverse event happened and predictive analytics can identify suspicious behavior based on historical data and patterns – both on microscopic and macroscopic levels. With endless reams of Big Data locked up in data warehouses in the cloud and malicious activity disguised as legitimate commands, and server requests becoming nearly impossible to detect, machine learning can serve a useful purpose. It can assist a security team by automating many processes such as pattern recognition used in analytics. MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) is developing an adaptive security platform called AI2. Machine learning is used to review data from tens of millions of data logs per day. It reduces the number of events a cybersecurity analyst must review from one or two hundred to tens of thousands. With the ability to autonomously learn from past successes and failures, it has an 85% success rate predicting cyber attacks.


See Also

Enterprise Architecture
Architecture
Security Architecture


References

  1. Definition - Defining Adaptive Security Architecture (ASA) IFP Technology
  2. Explaining Adaptive Security Architecture (ASA) Unisys
  3. Components of an Adaptive Security Architecture [^https://blog.vectra.ai/blog/what-is-an-adaptive-security-architecture-and-why-do-you-need-it%7CVectra]
  4. The Four Stages of Adaptive Security Architecture Digital Guardian
  5. objectives of Adaptive Security Architecture ASA247
  6. Implementing an Adaptive Security Architecture Sun Microsystems (now Oracle)
  7. What are the Benefits of Adaptive Security Architecture? cso.com
  8. What are the Key Challenges in Designing Adaptive Security Architecture? Konference Security


Further Reading

Retrieved from "https://cio-wiki.org//index.php?title=Adaptive_Security_Architecture_(ASA)&oldid=10622"